/** * Execute */ function execute( $par ) { $this->setHeaders(); $this->outputHeader(); $user = $this->getUser(); if ( !$user->isAllowedAny( 'import', 'importupload' ) ) { throw new PermissionsError( 'import' ); } # @todo Allow Title::getUserPermissionsErrors() to take an array # @todo FIXME: Title::checkSpecialsAndNSPermissions() has a very wierd expectation of what # getUserPermissionsErrors() might actually be used for, hence the 'ns-specialprotected' $errors = wfMergeErrorArrays( $this->getTitle()->getUserPermissionsErrors( 'import', $user, true, array( 'ns-specialprotected', 'badaccess-group0', 'badaccess-groups' ) ), $this->getTitle()->getUserPermissionsErrors( 'importupload', $user, true, array( 'ns-specialprotected', 'badaccess-group0', 'badaccess-groups' ) ) ); if ( $errors ) { throw new PermissionsError( 'import', $errors ); } $this->checkReadOnly(); $request = $this->getRequest(); if ( $request->wasPosted() && $request->getVal( 'action' ) == 'submit' ) { $this->doImport(); } $this->showForm(); }
/** * Execute * @param string|null $par * @throws PermissionsError * @throws ReadOnlyError */ function execute($par) { $this->useTransactionalTimeLimit(); $this->setHeaders(); $this->outputHeader(); $this->namespace = $this->getConfig()->get('ImportTargetNamespace'); $this->getOutput()->addModules('mediawiki.special.import'); $this->importSources = $this->getConfig()->get('ImportSources'); Hooks::run('ImportSources', [&$this->importSources]); $user = $this->getUser(); if (!$user->isAllowedAny('import', 'importupload')) { throw new PermissionsError('import'); } # @todo Allow Title::getUserPermissionsErrors() to take an array # @todo FIXME: Title::checkSpecialsAndNSPermissions() has a very wierd expectation of what # getUserPermissionsErrors() might actually be used for, hence the 'ns-specialprotected' $errors = wfMergeErrorArrays($this->getPageTitle()->getUserPermissionsErrors('import', $user, true, ['ns-specialprotected', 'badaccess-group0', 'badaccess-groups']), $this->getPageTitle()->getUserPermissionsErrors('importupload', $user, true, ['ns-specialprotected', 'badaccess-group0', 'badaccess-groups'])); if ($errors) { throw new PermissionsError('import', $errors); } $this->checkReadOnly(); $request = $this->getRequest(); if ($request->wasPosted() && $request->getVal('action') == 'submit') { $this->doImport(); } $this->showForm(); }
/** * Execute */ function execute($par) { global $wgRequest, $wgUser, $wgOut; $this->setHeaders(); $this->outputHeader(); if (wfReadOnly()) { $wgOut->readOnlyPage(); return; } if (!$wgUser->isAllowed('import') && !$wgUser->isAllowed('importupload')) { return $wgOut->permissionRequired('import'); } # TODO: allow Title::getUserPermissionsErrors() to take an array # FIXME: Title::checkSpecialsAndNSPermissions() has a very wierd expectation of what # getUserPermissionsErrors() might actually be used for, hence the 'ns-specialprotected' $errors = wfMergeErrorArrays($this->getTitle()->getUserPermissionsErrors('import', $wgUser, true, array('ns-specialprotected', 'badaccess-group0', 'badaccess-groups')), $this->getTitle()->getUserPermissionsErrors('importupload', $wgUser, true, array('ns-specialprotected', 'badaccess-group0', 'badaccess-groups'))); if ($errors) { $wgOut->showPermissionsErrorPage($errors); return; } if ($wgRequest->wasPosted() && $wgRequest->getVal('action') == 'submit') { $this->doImport(); } $this->showForm(); }
public function checkPermissions(User $user, $reason) { $status = new Status(); $errors = wfMergeErrorArrays($this->oldTitle->getUserPermissionsErrors('move', $user), $this->oldTitle->getUserPermissionsErrors('edit', $user), $this->newTitle->getUserPermissionsErrors('move-target', $user), $this->newTitle->getUserPermissionsErrors('edit', $user)); // Convert into a Status object if ($errors) { foreach ($errors as $error) { call_user_func_array(array($status, 'fatal'), $error); } } if (EditPage::matchSummarySpamRegex($reason) !== false) { // This is kind of lame, won't display nice $status->fatal('spamprotectiontext'); } # The move is allowed only if (1) the target doesn't exist, or # (2) the target is a redirect to the source, and has no history # (so we can undo bad moves right after they're done). if ($this->newTitle->getArticleID()) { # Target exists; check for validity if (!$this->isValidMoveTarget()) { $status->fatal('articleexists'); } } else { $tp = $this->newTitle->getTitleProtection(); if ($tp !== false) { if (!$user->isAllowed($tp['permission'])) { $status->fatal('cantmove-titleprotected'); } } } Hooks::run('MovePageCheckPermissions', array($this->oldTitle, $this->newTitle, $user, $reason, $status)); return $status; }
public function checkPermissions(User $user, $reason) { $status = new Status(); $errors = wfMergeErrorArrays($this->oldTitle->getUserPermissionsErrors('move', $user), $this->oldTitle->getUserPermissionsErrors('edit', $user), $this->newTitle->getUserPermissionsErrors('move-target', $user), $this->newTitle->getUserPermissionsErrors('edit', $user)); // Convert into a Status object if ($errors) { foreach ($errors as $error) { call_user_func_array(array($status, 'fatal'), $error); } } if (EditPage::matchSummarySpamRegex($reason) !== false) { // This is kind of lame, won't display nice $status->fatal('spamprotectiontext'); } $tp = $this->newTitle->getTitleProtection(); if ($tp !== false && !$user->isAllowed($tp['permission'])) { $status->fatal('cantmove-titleprotected'); } Hooks::run('MovePageCheckPermissions', array($this->oldTitle, $this->newTitle, $user, $reason, $status)); return $status; }
/** * Check whether a given move operation would be valid. * Returns true if ok, or a getUserPermissionsErrors()-like array otherwise * * @deprecated since 1.25, use MovePage's methods instead * @param Title $nt The new title * @param bool $auth Whether to check user permissions (uses $wgUser) * @param string $reason Is the log summary of the move, used for spam checking * @return array|bool True on success, getUserPermissionsErrors()-like array on failure */ public function isValidMoveOperation(&$nt, $auth = true, $reason = '') { global $wgUser; if (!$nt instanceof Title) { // Normally we'd add this to $errors, but we'll get // lots of syntax errors if $nt is not an object return array(array('badtitletext')); } $mp = new MovePage($this, $nt); $errors = $mp->isValidMove()->getErrorsArray(); if ($auth) { $errors = wfMergeErrorArrays($errors, $mp->checkPermissions($wgUser, $reason)->getErrorsArray()); } return $errors ?: true; }
public function showDiffPage($diffOnly = false) { # Allow frames except in certain special cases $out = $this->getOutput(); $out->allowClickjacking(); $out->setRobotPolicy('noindex,nofollow'); if (!$this->loadRevisionData()) { $this->showMissingRevision(); return; } $user = $this->getUser(); $permErrors = $this->mNewPage->getUserPermissionsErrors('read', $user); if ($this->mOldPage) { # mOldPage might not be set, see below. $permErrors = wfMergeErrorArrays($permErrors, $this->mOldPage->getUserPermissionsErrors('read', $user)); } if (count($permErrors)) { throw new PermissionsError('read', $permErrors); } $rollback = ''; $query = array(); # Carry over 'diffonly' param via navigation links if ($diffOnly != $user->getBoolOption('diffonly')) { $query['diffonly'] = $diffOnly; } # Cascade unhide param in links for easy deletion browsing if ($this->unhide) { $query['unhide'] = 1; } # Check if one of the revisions is deleted/suppressed $deleted = $suppressed = false; $allowed = $this->mNewRev->userCan(Revision::DELETED_TEXT, $user); $revisionTools = array(); # mOldRev is false if the difference engine is called with a "vague" query for # a diff between a version V and its previous version V' AND the version V # is the first version of that article. In that case, V' does not exist. if ($this->mOldRev === false) { $out->setPageTitle($this->msg('difference-title', $this->mNewPage->getPrefixedText())); $samePage = true; $oldHeader = ''; } else { Hooks::run('DiffViewHeader', array($this, $this->mOldRev, $this->mNewRev)); if ($this->mNewPage->equals($this->mOldPage)) { $out->setPageTitle($this->msg('difference-title', $this->mNewPage->getPrefixedText())); $samePage = true; } else { $out->setPageTitle($this->msg('difference-title-multipage', $this->mOldPage->getPrefixedText(), $this->mNewPage->getPrefixedText())); $out->addSubtitle($this->msg('difference-multipage')); $samePage = false; } if ($samePage && $this->mNewPage->quickUserCan('edit', $user)) { if ($this->mNewRev->isCurrent() && $this->mNewPage->userCan('rollback', $user)) { $rollbackLink = Linker::generateRollback($this->mNewRev, $this->getContext()); if ($rollbackLink) { $out->preventClickjacking(); $rollback = '   ' . $rollbackLink; } } if (!$this->mOldRev->isDeleted(Revision::DELETED_TEXT) && !$this->mNewRev->isDeleted(Revision::DELETED_TEXT)) { $undoLink = Html::element('a', array('href' => $this->mNewPage->getLocalURL(array('action' => 'edit', 'undoafter' => $this->mOldid, 'undo' => $this->mNewid)), 'title' => Linker::titleAttrib('undo')), $this->msg('editundo')->text()); $revisionTools['mw-diff-undo'] = $undoLink; } } # Make "previous revision link" if ($samePage && $this->mOldRev->getPrevious()) { $prevlink = Linker::linkKnown($this->mOldPage, $this->msg('previousdiff')->escaped(), array('id' => 'differences-prevlink'), array('diff' => 'prev', 'oldid' => $this->mOldid) + $query); } else { $prevlink = ' '; } if ($this->mOldRev->isMinor()) { $oldminor = ChangesList::flag('minor'); } else { $oldminor = ''; } $ldel = $this->revisionDeleteLink($this->mOldRev); $oldRevisionHeader = $this->getRevisionHeader($this->mOldRev, 'complete'); $oldChangeTags = ChangeTags::formatSummaryRow($this->mOldTags, 'diff'); $oldHeader = '<div id="mw-diff-otitle1"><strong>' . $oldRevisionHeader . '</strong></div>' . '<div id="mw-diff-otitle2">' . Linker::revUserTools($this->mOldRev, !$this->unhide) . '</div>' . '<div id="mw-diff-otitle3">' . $oldminor . Linker::revComment($this->mOldRev, !$diffOnly, !$this->unhide) . $ldel . '</div>' . '<div id="mw-diff-otitle5">' . $oldChangeTags[0] . '</div>' . '<div id="mw-diff-otitle4">' . $prevlink . '</div>'; if ($this->mOldRev->isDeleted(Revision::DELETED_TEXT)) { $deleted = true; // old revisions text is hidden if ($this->mOldRev->isDeleted(Revision::DELETED_RESTRICTED)) { $suppressed = true; // also suppressed } } # Check if this user can see the revisions if (!$this->mOldRev->userCan(Revision::DELETED_TEXT, $user)) { $allowed = false; } } # Make "next revision link" # Skip next link on the top revision if ($samePage && !$this->mNewRev->isCurrent()) { $nextlink = Linker::linkKnown($this->mNewPage, $this->msg('nextdiff')->escaped(), array('id' => 'differences-nextlink'), array('diff' => 'next', 'oldid' => $this->mNewid) + $query); } else { $nextlink = ' '; } if ($this->mNewRev->isMinor()) { $newminor = ChangesList::flag('minor'); } else { $newminor = ''; } # Handle RevisionDelete links... $rdel = $this->revisionDeleteLink($this->mNewRev); # Allow extensions to define their own revision tools Hooks::run('DiffRevisionTools', array($this->mNewRev, &$revisionTools, $this->mOldRev, $user)); $formattedRevisionTools = array(); // Put each one in parentheses (poor man's button) foreach ($revisionTools as $key => $tool) { $toolClass = is_string($key) ? $key : 'mw-diff-tool'; $element = Html::rawElement('span', array('class' => $toolClass), $this->msg('parentheses')->rawParams($tool)->escaped()); $formattedRevisionTools[] = $element; } $newRevisionHeader = $this->getRevisionHeader($this->mNewRev, 'complete') . ' ' . implode(' ', $formattedRevisionTools); $newChangeTags = ChangeTags::formatSummaryRow($this->mNewTags, 'diff'); $newHeader = '<div id="mw-diff-ntitle1"><strong>' . $newRevisionHeader . '</strong></div>' . '<div id="mw-diff-ntitle2">' . Linker::revUserTools($this->mNewRev, !$this->unhide) . " {$rollback}</div>" . '<div id="mw-diff-ntitle3">' . $newminor . Linker::revComment($this->mNewRev, !$diffOnly, !$this->unhide) . $rdel . '</div>' . '<div id="mw-diff-ntitle5">' . $newChangeTags[0] . '</div>' . '<div id="mw-diff-ntitle4">' . $nextlink . $this->markPatrolledLink() . '</div>'; if ($this->mNewRev->isDeleted(Revision::DELETED_TEXT)) { $deleted = true; // new revisions text is hidden if ($this->mNewRev->isDeleted(Revision::DELETED_RESTRICTED)) { $suppressed = true; // also suppressed } } # If the diff cannot be shown due to a deleted revision, then output # the diff header and links to unhide (if available)... if ($deleted && (!$this->unhide || !$allowed)) { $this->showDiffStyle(); $multi = $this->getMultiNotice(); $out->addHTML($this->addHeader('', $oldHeader, $newHeader, $multi)); if (!$allowed) { $msg = $suppressed ? 'rev-suppressed-no-diff' : 'rev-deleted-no-diff'; # Give explanation for why revision is not visible $out->wrapWikiMsg("<div id='mw-{$msg}' class='mw-warning plainlinks'>\n\$1\n</div>\n", array($msg)); } else { # Give explanation and add a link to view the diff... $query = $this->getRequest()->appendQueryValue('unhide', '1'); $link = $this->getTitle()->getFullURL($query); $msg = $suppressed ? 'rev-suppressed-unhide-diff' : 'rev-deleted-unhide-diff'; $out->wrapWikiMsg("<div id='mw-{$msg}' class='mw-warning plainlinks'>\n\$1\n</div>\n", array($msg, $link)); } # Otherwise, output a regular diff... } else { # Add deletion notice if the user is viewing deleted content $notice = ''; if ($deleted) { $msg = $suppressed ? 'rev-suppressed-diff-view' : 'rev-deleted-diff-view'; $notice = "<div id='mw-{$msg}' class='mw-warning plainlinks'>\n" . $this->msg($msg)->parse() . "</div>\n"; } $this->showDiff($oldHeader, $newHeader, $notice); if (!$diffOnly) { $this->renderNewRevision(); } } }
function showDiffPage($diffOnly = false) { wfProfileIn(__METHOD__); # Allow frames except in certain special cases $out = $this->getOutput(); $out->allowClickjacking(); $out->setRobotPolicy('noindex,nofollow'); if (!$this->loadRevisionData()) { $this->showMissingRevision(); wfProfileOut(__METHOD__); return; } $user = $this->getUser(); $permErrors = $this->mNewPage->getUserPermissionsErrors('read', $user); if ($this->mOldPage) { # mOldPage might not be set, see below. $permErrors = wfMergeErrorArrays($permErrors, $this->mOldPage->getUserPermissionsErrors('read', $user)); } if (count($permErrors)) { wfProfileOut(__METHOD__); throw new PermissionsError('read', $permErrors); } # If external diffs are enabled both globally and for the user, # we'll use the application/x-external-editor interface to call # an external diff tool like kompare, kdiff3, etc. if (ExternalEdit::useExternalEngine($this->getContext(), 'diff')) { //TODO: come up with a good solution for non-text content here. // at least, the content format needs to be passed to the client somehow. // Currently, action=raw will just fail for non-text content. $urls = array('File' => array('Extension' => 'wiki', 'URL' => $this->mNewPage->getCanonicalURL(array('action' => 'raw', 'oldid' => $this->mOldid))), 'File2' => array('Extension' => 'wiki', 'URL' => $this->mNewPage->getCanonicalURL(array('action' => 'raw', 'oldid' => $this->mNewid)))); $externalEditor = new ExternalEdit($this->getContext(), $urls); $externalEditor->execute(); wfProfileOut(__METHOD__); return; } $rollback = ''; $undoLink = ''; $query = array(); # Carry over 'diffonly' param via navigation links if ($diffOnly != $user->getBoolOption('diffonly')) { $query['diffonly'] = $diffOnly; } # Cascade unhide param in links for easy deletion browsing if ($this->unhide) { $query['unhide'] = 1; } # Check if one of the revisions is deleted/suppressed $deleted = $suppressed = false; $allowed = $this->mNewRev->userCan(Revision::DELETED_TEXT, $user); # mOldRev is false if the difference engine is called with a "vague" query for # a diff between a version V and its previous version V' AND the version V # is the first version of that article. In that case, V' does not exist. if ($this->mOldRev === false) { $out->setPageTitle($this->msg('difference-title', $this->mNewPage->getPrefixedText())); $samePage = true; $oldHeader = ''; } else { wfRunHooks('DiffViewHeader', array($this, $this->mOldRev, $this->mNewRev)); $sk = $this->getSkin(); if (method_exists($sk, 'suppressQuickbar')) { $sk->suppressQuickbar(); } if ($this->mNewPage->equals($this->mOldPage)) { $out->setPageTitle($this->msg('difference-title', $this->mNewPage->getPrefixedText())); $samePage = true; } else { $out->setPageTitle($this->msg('difference-title-multipage', $this->mOldPage->getPrefixedText(), $this->mNewPage->getPrefixedText())); $out->addSubtitle($this->msg('difference-multipage')); $samePage = false; } if ($samePage && $this->mNewPage->quickUserCan('edit', $user)) { if ($this->mNewRev->isCurrent() && $this->mNewPage->userCan('rollback', $user)) { $out->preventClickjacking(); $rollback = '   ' . Linker::generateRollback($this->mNewRev, $this->getContext()); } if (!$this->mOldRev->isDeleted(Revision::DELETED_TEXT) && !$this->mNewRev->isDeleted(Revision::DELETED_TEXT)) { $undoLink = ' ' . $this->msg('parentheses')->rawParams(Html::element('a', array('href' => $this->mNewPage->getLocalUrl(array('action' => 'edit', 'undoafter' => $this->mOldid, 'undo' => $this->mNewid)), 'title' => Linker::titleAttrib('undo')), $this->msg('editundo')->text()))->escaped(); } } # Make "previous revision link" if ($samePage && $this->mOldRev->getPrevious()) { $prevlink = Linker::linkKnown($this->mOldPage, $this->msg('previousdiff')->escaped(), array('id' => 'differences-prevlink'), array('diff' => 'prev', 'oldid' => $this->mOldid) + $query); } else { $prevlink = ' '; } if ($this->mOldRev->isMinor()) { $oldminor = ChangesList::flag('minor'); } else { $oldminor = ''; } $ldel = $this->revisionDeleteLink($this->mOldRev); $oldRevisionHeader = $this->getRevisionHeader($this->mOldRev, 'complete'); $oldHeader = '<div id="mw-diff-otitle1"><strong>' . $oldRevisionHeader . '</strong></div>' . '<div id="mw-diff-otitle2">' . Linker::revUserTools($this->mOldRev, !$this->unhide) . '</div>' . '<div id="mw-diff-otitle3">' . $oldminor . Linker::revComment($this->mOldRev, !$diffOnly, !$this->unhide) . $ldel . '</div>' . '<div id="mw-diff-otitle4">' . $prevlink . '</div>'; if ($this->mOldRev->isDeleted(Revision::DELETED_TEXT)) { $deleted = true; // old revisions text is hidden if ($this->mOldRev->isDeleted(Revision::DELETED_RESTRICTED)) { $suppressed = true; // also suppressed } } # Check if this user can see the revisions if (!$this->mOldRev->userCan(Revision::DELETED_TEXT, $user)) { $allowed = false; } } # Make "next revision link" # Skip next link on the top revision if ($samePage && !$this->mNewRev->isCurrent()) { $nextlink = Linker::linkKnown($this->mNewPage, $this->msg('nextdiff')->escaped(), array('id' => 'differences-nextlink'), array('diff' => 'next', 'oldid' => $this->mNewid) + $query); } else { $nextlink = ' '; } if ($this->mNewRev->isMinor()) { $newminor = ChangesList::flag('minor'); } else { $newminor = ''; } # Handle RevisionDelete links... $rdel = $this->revisionDeleteLink($this->mNewRev); $newRevisionHeader = $this->getRevisionHeader($this->mNewRev, 'complete') . $undoLink; $newHeader = '<div id="mw-diff-ntitle1"><strong>' . $newRevisionHeader . '</strong></div>' . '<div id="mw-diff-ntitle2">' . Linker::revUserTools($this->mNewRev, !$this->unhide) . " {$rollback}</div>" . '<div id="mw-diff-ntitle3">' . $newminor . Linker::revComment($this->mNewRev, !$diffOnly, !$this->unhide) . $rdel . '</div>' . '<div id="mw-diff-ntitle4">' . $nextlink . $this->markPatrolledLink() . '</div>'; if ($this->mNewRev->isDeleted(Revision::DELETED_TEXT)) { $deleted = true; // new revisions text is hidden if ($this->mNewRev->isDeleted(Revision::DELETED_RESTRICTED)) { $suppressed = true; } // also suppressed } # If the diff cannot be shown due to a deleted revision, then output # the diff header and links to unhide (if available)... if ($deleted && (!$this->unhide || !$allowed)) { $this->showDiffStyle(); $multi = $this->getMultiNotice(); $out->addHTML($this->addHeader('', $oldHeader, $newHeader, $multi)); if (!$allowed) { $msg = $suppressed ? 'rev-suppressed-no-diff' : 'rev-deleted-no-diff'; # Give explanation for why revision is not visible $out->wrapWikiMsg("<div id='mw-{$msg}' class='mw-warning plainlinks'>\n\$1\n</div>\n", array($msg)); } else { # Give explanation and add a link to view the diff... $link = $this->getTitle()->getFullUrl($this->getRequest()->appendQueryValue('unhide', '1', true)); $msg = $suppressed ? 'rev-suppressed-unhide-diff' : 'rev-deleted-unhide-diff'; $out->wrapWikiMsg("<div id='mw-{$msg}' class='mw-warning plainlinks'>\n\$1\n</div>\n", array($msg, $link)); } # Otherwise, output a regular diff... } else { # Add deletion notice if the user is viewing deleted content $notice = ''; if ($deleted) { $msg = $suppressed ? 'rev-suppressed-diff-view' : 'rev-deleted-diff-view'; $notice = "<div id='mw-{$msg}' class='mw-warning plainlinks'>\n" . $this->msg($msg)->parse() . "</div>\n"; } $this->showDiff($oldHeader, $newHeader, $notice); if (!$diffOnly) { $this->renderNewRevision(); } } wfProfileOut(__METHOD__); }
/** * Check whether a given move operation would be valid. * Returns true if ok, or a getUserPermissionsErrors()-like array otherwise * * @param $nt Title the new title * @param $auth Bool indicates whether $wgUser's permissions * should be checked * @param $reason String is the log summary of the move, used for spam checking * @return Mixed True on success, getUserPermissionsErrors()-like array on failure */ public function isValidMoveOperation(&$nt, $auth = true, $reason = '') { global $wgUser; $errors = array(); if (!$nt) { // Normally we'd add this to $errors, but we'll get // lots of syntax errors if $nt is not an object return array(array('badtitletext')); } if ($this->equals($nt)) { $errors[] = array('selfmove'); } if (!$this->isMovable()) { $errors[] = array('immobile-source-namespace', $this->getNsText()); } if ($nt->getInterwiki() != '') { $errors[] = array('immobile-target-namespace-iw'); } if (!$nt->isMovable()) { $errors[] = array('immobile-target-namespace', $nt->getNsText()); } $oldid = $this->getArticleID(); $newid = $nt->getArticleID(); if (strlen($nt->getDBkey()) < 1) { $errors[] = array('articleexists'); } if ($this->getDBkey() == '' || !$oldid || $nt->getDBkey() == '') { $errors[] = array('badarticleerror'); } // Image-specific checks if ($this->getNamespace() == NS_FILE) { $errors = array_merge($errors, $this->validateFileMoveOperation($nt)); } if ($nt->getNamespace() == NS_FILE && $this->getNamespace() != NS_FILE) { $errors[] = array('nonfile-cannot-move-to-file'); } if ($auth) { $errors = wfMergeErrorArrays($errors, $this->getUserPermissionsErrors('move', $wgUser), $this->getUserPermissionsErrors('edit', $wgUser), $nt->getUserPermissionsErrors('move-target', $wgUser), $nt->getUserPermissionsErrors('edit', $wgUser)); } $match = EditPage::matchSummarySpamRegex($reason); if ($match !== false) { // This is kind of lame, won't display nice $errors[] = array('spamprotectiontext'); } $err = null; if (!wfRunHooks('AbortMove', array($this, $nt, $wgUser, &$err, $reason))) { $errors[] = array('hookaborted', $err); } # The move is allowed only if (1) the target doesn't exist, or # (2) the target is a redirect to the source, and has no history # (so we can undo bad moves right after they're done). if (0 != $newid) { # Target exists; check for validity if (!$this->isValidMoveTarget($nt)) { $errors[] = array('articleexists'); } } else { $tp = $nt->getTitleProtection(); $right = $tp['pt_create_perm'] == 'sysop' ? 'protect' : $tp['pt_create_perm']; if ($tp and !$wgUser->isAllowed($right)) { $errors[] = array('cantmove-titleprotected'); } } if (empty($errors)) { return true; } return $errors; }
public function onSubmit(array $data) { global $wgContLang; if ($data['pagetitle'] === '') { // Initial form view of special page, pass return false; } // At this point, it has to be a POST request. This is enforced by HTMLForm, // but lets be safe verify that. if (!$this->getRequest()->wasPosted()) { throw new RuntimeException("Form submission was not POSTed"); } $this->title = Title::newFromText($data['pagetitle']); $user = $this->getUser(); // Check permissions and make sure the user has permission to edit the specific page $errors = $this->title->getUserPermissionsErrors('editcontentmodel', $user); $errors = wfMergeErrorArrays($errors, $this->title->getUserPermissionsErrors('edit', $user)); if ($errors) { $out = $this->getOutput(); $wikitext = $out->formatPermissionsErrorMessage($errors); // Hack to get our wikitext parsed return Status::newFatal(new RawMessage('$1', array($wikitext))); } $page = WikiPage::factory($this->title); if ($this->oldRevision === null) { $this->oldRevision = $page->getRevision() ?: false; } $oldModel = $this->title->getContentModel(); if ($this->oldRevision) { $oldContent = $this->oldRevision->getContent(); try { $newContent = ContentHandler::makeContent($oldContent->getNativeData(), $this->title, $data['model']); } catch (MWException $e) { return Status::newFatal($this->msg('changecontentmodel-cannot-convert')->params($this->title->getPrefixedText(), ContentHandler::getLocalizedName($data['model']))); } } else { // Page doesn't exist, create an empty content object $newContent = ContentHandler::getForModelID($data['model'])->makeEmptyContent(); } $flags = $this->oldRevision ? EDIT_UPDATE : EDIT_NEW; if ($user->isAllowed('bot')) { $flags |= EDIT_FORCE_BOT; } $log = new ManualLogEntry('contentmodel', 'change'); $log->setPerformer($user); $log->setTarget($this->title); $log->setComment($data['reason']); $log->setParameters(array('4::oldmodel' => $oldModel, '5::newmodel' => $data['model'])); $formatter = LogFormatter::newFromEntry($log); $formatter->setContext(RequestContext::newExtraneousContext($this->title)); $reason = $formatter->getPlainActionText(); if ($data['reason'] !== '') { $reason .= $this->msg('colon-separator')->inContentLanguage()->text() . $data['reason']; } # Truncate for whole multibyte characters. $reason = $wgContLang->truncate($reason, 255); $status = $page->doEditContent($newContent, $reason, $flags, $this->oldRevision ? $this->oldRevision->getId() : false, $user); if (!$status->isOK()) { return $status; } $logid = $log->insert(); $log->publish($logid); return $status; }
/** * Check if the merge is possible * @param User $user * @param string $reason * @return Status */ public function checkPermissions(User $user, $reason) { $status = new Status(); // Check if user can edit both pages $errors = wfMergeErrorArrays($this->source->getUserPermissionsErrors('edit', $user), $this->dest->getUserPermissionsErrors('edit', $user)); // Convert into a Status object if ($errors) { foreach ($errors as $error) { call_user_func_array(array($status, 'fatal'), $error); } } // Anti-spam if (EditPage::matchSummarySpamRegex($reason) !== false) { // This is kind of lame, won't display nice $status->fatal('spamprotectiontext'); } // Check mergehistory permission if (!$user->isAllowed('mergehistory')) { // User doesn't have the right to merge histories $status->fatal('mergehistory-fail-permission'); } return $status; }